Connect Akto with Cloudflare
Cloudflare is a global network security platform that provides CDN, DDoS protection, and API security services. Integrating Cloudflare with Akto will enable automatic discovery and security testing of all APIs passing through your Cloudflare infrastructure, helping you maintain continuous visibility and protection of your edge-distributed APIs.
To connect Akto with Cloudflare, follow these steps -
Step 1: Deploy the Akto Data-Ingestion Service
Before configuring the Cloudflare Worker Traffic Connector, you need to deploy the Akto Data-Ingestion Service. Ensure that the service is running and accessible via a publicly available URL. Set up and configure Akto Traffic Processor. The steps are mentioned here. Ensure this instance is publicly accessible, as it will receive traffic logs from your Cloudflare Worker.
Step 2: Set Up Your Cloudflare Worker Script
Navigate to the Cloudflare Dashboard and select your account.
Go to Workers & Pages.
Click Create and choose Worker.
Click the Hello World button and deploy it.
Click Edit code and replace the default script with the following example:
export default {
async fetch(request, env, ctx) {
const requestClone = request.clone();
const backendResponse = await fetch(request);
try {
const requestBody = await requestClone.text();
const responseClone = backendResponse.clone();
const responseBody = await responseClone.text();
ctx.waitUntil(sendToAkto(request, requestBody, backendResponse, responseBody, env));
} catch (error) {
console.error("Error while processing original request or response: ", error)
}
return backendResponse;
},
};
async function sendToAkto(request, requestBody, response, responseBody, env) {
const aktoAPI = "https://<your-ingestion-service-address>/api/ingestData"; // Replace with your deployed ingestion endpoint
const logs = generateLog(request, requestBody, response, responseBody);
const aktoRequest = new Request(aktoAPI, {
method: "POST",
body: logs,
headers: {
"Content-Type": "application/json",
},
});
const aktoResponse = await fetch(aktoRequest);
if(aktoResponse.status === 400) {
console.error(`Akto response: ${aktoResponse.status} ${aktoResponse.statusText}, Body: ${await aktoResponse.text()}`);
}
}
function generateLog(req, requestBody, res, responseBody) {
const url = new URL(req.url);
const path = url.pathname;
const value = {
path: path,
requestHeaders: JSON.stringify(Object.fromEntries(req.headers)),
responseHeaders: JSON.stringify(Object.fromEntries(res.headers)),
method: req.method,
requestPayload: requestBody,
responsePayload: responseBody,
ip: req.headers.get('x-forwarded-for') || req.headers.get('cf-connecting-ip') || req.headers.get('x-real-ip') || '',
time: Math.round(Date.now() / 1000).toString(),
statusCode: res.status.toString(),
type: "HTTP/1.1",
status: res.statusText,
akto_account_id: "1000000",
akto_vxlan_id: "0",
is_pending: "false",
source: "MIRRORING"
};
return JSON.stringify({"batchData": [value]});
}Step 3: Configure Worker Routing
If you'd like to route specific domains or paths through this Worker:
In the Cloudflare Dashboard, go to Workers & Pages.
Under Overview, select your Worker.
Navigate to Settings > Domains & Routes.
Click Add Route.
Select the appropriate zone (domain), and enter a route pattern such as:
*.yourdomain.com/*
This ensures all traffic matching the route is intercepted and mirrored to Akto.
Step 4: Verify the Setup
Confirm that API traffic data (requests and responses) are captured on the Akto dashboard under the respective api collection.
Check logs of your Lambda function for any initialization messages from the extension.
Go back to the Akto Dashboard.
Navigate to Api Collections > Hostname.
You should start seeing the traffic from your Cloudflare Worker.
Get Support for your Akto setup
There are multiple ways to request support from Akto. We are 24X7 available on the following:
In-app
intercomsupport. Message us with your query on intercom in Akto dashboard and someone will reply.Join our discord channel for community support.
Contact
[email protected]for email support.Contact us here.
Last updated
Was this helpful?